Add sshkey role and playbook

marcransome · marcransome · commit 2eb8cb3d5948 · 2021-03-18T13:43:22.000Z
diff --git a/roles/sshkey/tasks/main.yml b/roles/sshkey/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+
+- name: Retrieve SSH private key for AWS instance(s) from Hashicorp Vault
+  set_fact:
+    aws: "{{ lookup('community.hashi_vault.hashi_vault', 'applications/heritage-{{ environment_name }}-eu-west-2/tuxedo/aws') }}"
+  no_log: True
+
+- name: Ensure SSH directory exists
+  file:
+    path: /root/.ssh
+    owner: root
+    group: root
+    state: directory
+    mode: '0700'
+
+- name: Write SSH private key to Ansible controller
+  copy:
+    content: "{{ aws['ssh_private_key'] }}"
+    dest: /root/.ssh/ansible_remote
+  no_log: True
+
+- name: Set SSH private key permissions
+  file:
+    path: /root/.ssh/ansible_remote
+    owner: root
+    group: root
+    mode: '0600'
diff --git a/sshkey.yml b/sshkey.yml
@@ -0,0 +1,5 @@
+---
+
+- hosts: localhost
+  roles:
+    - sshkey

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +---
++
 +- hosts: localhost
 +  roles:
 +    - sshkey